Back to Industry

Industry - Data Breach

moderateAnti-PrivacyData Breach

Executive Summary

TriWest Healthcare Alliance notified 11,844 military Tricare beneficiaries that an unauthorized person gained access to their protected health information on April 16, including names, DoD Benefits Numbers, and ZIP codes, with fewer than five cases also involving Social Security numbers, addresses, and dates of birth. The company discovered the breach the same day, hired forensic experts to investigate, and is offering affected beneficiaries 24 months of free credit monitoring through Experia...

What Happened

On April 16, 2026, an unauthorized individual gained access to TriWest Healthcare Alliance systems and downloaded protected health information belonging to 11,844 Tricare military beneficiaries. The compromised data included names, Department of Defense Benefits Numbers, and ZIP codes for all affected individuals, while fewer than five cases also involved Social Security numbers, full addresses, and dates of birth. TriWest discovered the breach the same day it occurred and engaged third-party forensic experts to investigate, then began notifying affected beneficiaries in early July.

Who Is Affected

The breach impacts 11,844 current and former military service members and their families who receive healthcare through the Tricare West Region program managed by TriWest Healthcare Alliance. This includes active duty personnel, retirees, National Guard and Reserve members, family members, survivors, and certain former spouses whose eligibility is tracked through the Defense Enrollment Eligibility Reporting System.

Why It Matters

This incident exposes sensitive military healthcare information that could be used for identity theft or targeted fraud against service members and their families, a population already vulnerable to financial scams. The inclusion of DoD Benefits Numbers creates particular risk as these identifiers are used across multiple military systems and benefits programs. The two-and-a-half-month delay between breach discovery and beneficiary notification raises questions about transparency standards for healthcare contractors serving military populations.

What You Should Do

Affected beneficiaries should immediately enroll in the free 24-month Experian credit monitoring service using the activation code provided in their notification letter before the enrollment deadline expires. Monitor financial accounts and credit reports closely for suspicious activity, and report any concerns to TriWest's Breach Response Line at 1-833-918-1296. If you discover fraudulent use of your information, file an identity theft report with the Federal Trade Commission at identitytheft.gov and consider placing a fraud alert or credit freeze with the major credit bureaus.

Summary generated from verified sources and reviewed before publication. How we summarize.

TriWest Healthcare Alliance notified 11,844 military Tricare beneficiaries that... - Industry | PrivacyWire